idnits 2.17.1

draft-sakura-6rd-datacenter-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 2 instances of too long lines in the document, the longest one
     being 5 characters in excess of 72.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (October 31, 2011) is 4554 days in the past.  Is this
     intentional?

  -- Found something which looks like a code comment -- if you have code
     sections in the document, please surround them with '<CODE BEGINS>' and
     '<CODE ENDS>' lines.

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Missing Reference: 'Server' is mentioned on line 145, but not defined

  == Unused Reference: 'RFC2119' is defined on line 293, but no explicit
     reference was found in the text

  == Unused Reference: 'I-D.ietf-armd-problem-statement' is defined on line
     328, but no explicit reference was found in the text

  == Unused Reference: 'I-D.ietf-v6ops-v6nd-problems' is defined on line 333,
     but no explicit reference was found in the text

  == Unused Reference: 'RFC3849' is defined on line 342, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC5569' is defined on line 345, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC5737' is defined on line 348, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC5952' is defined on line 351, but no explicit
     reference was found in the text

  == Outdated reference: A later version (-04) exists of
     draft-ietf-armd-problem-statement-00

  == Outdated reference: A later version (-05) exists of
     draft-ietf-v6ops-v6nd-problems-00

     Summary: 1 error (**), 0 flaws (~~), 11 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

  2  Internet Engineering Task Force                         S. Tsuchiya, Ed.
  3  Internet-Draft                                               M. Townsley
  4  Intended status: Informational                             Cisco Systems
  5  Expires: May 3, 2012                                           S. Ohkubo
  6                                                           Sakura Internet
  7                                                          October 31, 2011

  9             IPv6 Rapid Deployment (6rd) in a Large Data Center
 10                       draft-sakura-6rd-datacenter-02

 12  Abstract

 14     IPv6 Rapid Deployment (6rd) as defined in RFC 5969 focuses on rapid
 15     deployment of IPv6 by an access service provider which has difficulty
 16     deploying native IPv6.  This document describes how 6rd can be used
 17     to deliver IPv6 within a Large Data Center.

 19  Status of this Memo

 21     This Internet-Draft is submitted in full conformance with the
 22     provisions of BCP 78 and BCP 79.

 24     Internet-Drafts are working documents of the Internet Engineering
 25     Task Force (IETF).  Note that other groups may also distribute
 26     working documents as Internet-Drafts.  The list of current Internet-
 27     Drafts is at http://datatracker.ietf.org/drafts/current/.

 29     Internet-Drafts are draft documents valid for a maximum of six months
 30     and may be updated, replaced, or obsoleted by other documents at any
 31     time.  It is inappropriate to use Internet-Drafts as reference
 32     material or to cite them other than as "work in progress."

 34     This Internet-Draft will expire on May 3, 2012.

 36  Copyright Notice

 38     Copyright (c) 2011 IETF Trust and the persons identified as the
 39     document authors.  All rights reserved.

 41     This document is subject to BCP 78 and the IETF Trust's Legal
 42     Provisions Relating to IETF Documents
 43     (http://trustee.ietf.org/license-info) in effect on the date of
 44     publication of this document.  Please review these documents
 45     carefully, as they describe your rights and restrictions with respect
 46     to this document.  Code Components extracted from this document must
 47     include Simplified BSD License text as described in Section 4.e of
 48     the Trust Legal Provisions and are provided without warranty as
 49     described in the Simplified BSD License.

 51  Table of Contents

 53     1.  Introduction
 54     2.  Network Architecture
 55     3.  6rd Availability in Server Operating Systems
 56     4.  Deployment Consideration
 57       4.1.  IPv4 compression address
 58       4.2.  Configuration
 59       4.3.  MTU consideration
 60       4.4.  Performance
 61     5.  Acknowledgements
 62     6.  IANA Considerations
 63     7.  Security Considerations
 64     8.  References
 65       8.1.  Normative References
 66       8.2.  Informative References
 67     Appendix A.  Additional Stuff
 68       A.1.  OS configuration
 69         A.1.1.  Network Topology&Parameters
 70         A.1.2.  configuration procedure
 71       A.2.  OS Proportion on Sakura's VPS
 72     Authors' Addresses

 74  1.  Introduction

 76     IPv6 Rapid Deployment (6rd) as defined in RFC 5969 focuses on rapid
 77     deployment of IPv6 by an access service provider which has difficulty
 78     deploying native IPv6.  This document describes how one service
 79     provider in Japan, Sakura Internet, Inc., uses 6rd not for a large
 80     residential deployment, but for a large data center network.

 82     While the protocol mechanism of 6rd is unchanged, the deployment
 83     model varies a bit from the classical "residential home access
 84     provider" model.

 86     The motivation for using 6rd is very similar to that of the
 87     residential case where the service provider would like to offer IPv6
 88     quickly to those users who want it, but without replacing equipment
 89     that currently does not support IPv6.

 91     This document is provided as information to the Internet community.

 93  2.  Network Architecture

 95     The case study presented here is based on the services provided by
 96     Sakura Internet Inc.  Sakura Internet provides Internet services
 97     through Internet backbones and large data centers.

 99     Sakura offers four types of services:

101     1.  Housing Service, which provides Collocation and Internet Access
102         in 5 urban datacenters (4 in Tokyo, 1 in Osaka).

104     2.  Hosting Service, which provides shared service on the servers.

106     3.  Dedicated Server Service, which provides customer-dedicated
107         servers with a variety of OSs.

109     4.  Virtual Private Server Service (VPS), which provides guest
110         operating systems on the Kernel-based Virtual Machine (KVM).

112     At the time of this writing, Sakura serves more than 200 Gbps of
113     traffic on its backbones, and around 50,000 dedicated servers,
114     Virtual Private Servers, and collocated servers.

116     Figure 1 shows server-based 6rd in the datacenter's network
117     architecture.

119                            .--.
120                          _(.   `)
121                        _(   IPv6  `)_
122                       (   Internet   `)
123                      ( `  .  )        )
124                       `--(_______)---'
125                              |
126                         +----------+
127                         |  6rd BR  |
128                         +----------+
129                              |
130      +----------+          .--.
131      |6rd CE on |        _(.   `)
132      |guest OS  |      _(   IPv4  `)_
133      +----------+     (   Backbone   `)     +----------+
134      |   KVM    |====( `  .  )        )====|6rd CE on |
135      +----------+     `--(_______)---'     |dedicated |
136                              ||             |server    |
137                              ||             +----------+
138                         +----------+
139                         |6rd CE on |
140                         |Housing GW|
141                         +----------+
142                              |
143                    -------------IPv4/IPv6 dual stack
144                      |       |
145                  [Server] [Server]

147                                  Figure 1

149     Sakura has deployed commercial 6rd Border Relays, and relies on CE
150     functionality in gateway routers or directly within the operating
151     system of the servers.

153     In the latter model, there is no need for a CE gateway as the 6rd
154     function is implemented directly in the server operating system
155     itself.

157     - For Housing users, there are two options.  Either the 6rd CE
158     function is performed on the Gateway router itself, or the servers
159     themselves can run 6rd directly.

161     - For Hosting users, IPv6 service can start by deploying the 6rd CE
162     function on the server OS or on the guest OS on the KVM.

164     Server administrators can start IPv6 service on demand themselves by
165     using server-based 6rd.

167     There were some issues when Sakura considered IPv6 deployment on its
168     backbone.

170     1.  Some backbone Layer 3 switches are too old.

172     IPv6 switching would be done in software even though IPv4 switching
173     is done in hardware.  These switches need replacement.

175     2.  Some backbone Layer 3 switches require a software upgrade.

177     IPv6 is supported in hardware, but a software upgrade is needed.  In
178     a datacenter, each server has different requirements, even if the
179     servers are connected to the same switch, because the server
180     administrators are completely different.  Each server provides a
181     different service to different customers.  So negotiating backbone
182     maintenance time with the customers is very difficult.

184     3.  Design Consideration

186     There are some scalability issues within the large datacenter.
187     In particular, backbone Layer 3 switches hold huge numbers of ARP and
188     IPv4 routing entries.  When a switch is upgraded and IPv6 is enabled,
189     NDP entries will be added, and many resources such as NVRAM and TCAM
190     will be consumed.

192     An IPv6 datacenter also has security issues such as those in
193     [draft-ietf-v6ops-v6nd-problems] and [RFC6104].

195     Providing native IPv6 service to the existing customers rapidly
196     today requires cost, time, negotiation with customers, and design
197     consideration.

199     This is the reason why Sakura decided to provide server-based 6rd to
200     the existing customers.

202  3.  6rd Availability in Server Operating Systems

204     In particular for the server-initiated case, Sakura relies on 6rd
205     availability in server operating systems.

207     The Linux kernel has supported 6rd since 2.6.33.  So a Linux-based
208     operating system using kernel 2.6.33 or later can provide
209     server-based 6rd.

211     FreeBSD and CentOS do not provide 6rd by default, but patches
212     exist.

214     +----------------------+---------------+----------------------------+
215     | Operating Systems    | Linux Kernel  | Description                |
216     +----------------------+---------------+----------------------------+
217     | Fedora14 and the     | 2.6.35 and    | Server-based 6rd ready     |
218     | later                | above         |                            |
219     | Ubuntu 10.10 and the | 2.6.35 and    | Server-based 6rd ready     |
220     | later                | above         |                            |
221     | Debian6.0            | 2.6.32        | Needs kernel update        |
222     | CentOS5.6            | 2.6.18        | needs [CentOS              |
223     |                      |               | patch1][CentOS patch2]     |
224     | FreeBSD8             | N/A           | needs [BSD patch]          |
225     +----------------------+---------------+----------------------------+

227  4.  Deployment Consideration

229  4.1.  IPv4 compression address

231     The 6rd protocol specification is defined in [RFC5969].  Section 4 of
232     [RFC5969] describes the o bits, with which the 32-bit IPv4 address can
233     be compressed in the 6rd delegated prefix.  The Linux kernel also
        supports this feature.

235     So a customer can get some IPv6 prefixes even if the datacenter's
236     prefix is /32.

238     But [BSD patch] does not have the IPv4 address aggregation feature,
239     therefore the datacenter provider has to prepare at least a /32 IPv6
240     prefix in that case.

242     In Sakura's case, the 6rd prefix is a /32 and the IPv4 address is not
243     compressed.  Thus the delegated 6rd prefix length is /64.  This is
244     enough address space for server-based 6rd.

246  4.2.  Configuration

248     Section 7.1 of [RFC5969] describes 6rd CE automatic configuration
249     methods such as DHCP, TR-69 and so on.

251     But server-based 6rd does not need automatic configuration because
252     the server's IPv4 address is usually configured statically.

254  4.3.  MTU consideration

256     Section 9.1 of [RFC5969] describes the Maximum Transmission Unit
257     (MTU) on the 6rd tunnel.  This guidance is also applicable to
258     server-based 6rd.

260     But the datacenter's IPv4 network is well-managed and is known by the
261     server administrator.  So the 6rd CE's tunnel MTU can be set to the
262     IPv4 MTU minus 20 bytes.
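
The address mapping from Section 4.1 and the MTU rule from Section 4.3, applied to the Appendix A.1 parameters as a configuration check. This is an added Python example, not part of the draft; the `audit_ce` helper, the 1500-byte IPv4 MTU, the FreeBSD tunnel MTU and the "copied" host are assumptions constructed for illustration.

```python
import ipaddress

IPV6_MIN_MTU = 1280  # smallest MTU an IPv6 link may have
IPV4_HEADER = 20     # encapsulation overhead from Section 4.3


def delegated_prefix(sixrd_prefix, ipv4, ipv4_mask_len=0):
    """6rd prefix followed by the low (32 - IPv4MaskLen) bits of the IPv4 address."""
    if not 0 <= ipv4_mask_len <= 32:
        raise ValueError("IPv4MaskLen must be between 0 and 32")
    net = ipaddress.IPv6Network(sixrd_prefix)
    embed_bits = 32 - ipv4_mask_len
    plen = net.prefixlen + embed_bits
    if plen > 64:
        raise ValueError("delegated prefix would be longer than /64")
    suffix = int(ipaddress.IPv4Address(ipv4)) & ((1 << embed_bits) - 1)
    base = int(net.network_address) | (suffix << (128 - plen))
    return ipaddress.IPv6Network((base, plen))


def audit_ce(cfg, sixrd_prefix, br_ipv4, ipv4_mask_len=0, ipv4_mtu=1500):
    """Return (expected delegated prefix, problems) for one CE tunnel config."""
    problems = []
    expected = delegated_prefix(sixrd_prefix, cfg["local"], ipv4_mask_len)
    if ipaddress.IPv6Address(cfg["address"]) not in expected:
        problems.append("address %s is outside %s" % (cfg["address"], expected))
    # The appendix uses two gateway forms: ::<BR IPv4> and the BR's own 6rd address.
    gateway = ipaddress.IPv6Address(cfg["gateway"])
    br_compat = ipaddress.IPv6Address(int(ipaddress.IPv4Address(br_ipv4)))
    br_prefix = delegated_prefix(sixrd_prefix, br_ipv4, ipv4_mask_len)
    if gateway != br_compat and gateway not in br_prefix:
        problems.append("gateway %s does not point at BR %s" % (gateway, br_ipv4))
    if not IPV6_MIN_MTU <= cfg["mtu"] <= ipv4_mtu - IPV4_HEADER:
        problems.append("tunnel MTU %d is outside %d..%d"
                        % (cfg["mtu"], IPV6_MIN_MTU, ipv4_mtu - IPV4_HEADER))
    return expected, problems


# Values from Appendix A.1; the FreeBSD MTU and the whole "copied" entry are constructed.
HOSTS = {
    "ubuntu": {"local": "203.0.113.10", "address": "2001:db8:cb00:710a::1",
               "gateway": "::203.0.113.1", "mtu": 1280},
    "freebsd": {"local": "203.0.113.14", "address": "2001:db8:cb00:710e::1",
                "gateway": "2001:db8:cb00:7101::1", "mtu": 1280},
    "copied": {"local": "203.0.113.12", "address": "2001:db8:cb00:710d::1",
               "gateway": "::203.0.113.1", "mtu": 1500},
}

if __name__ == "__main__":
    for name, cfg in HOSTS.items():
        prefix, problems = audit_ce(cfg, "2001:db8::/32", "203.0.113.1")
        print(name, prefix, problems or "ok")
    # With IPv4MaskLen 24, only 8 IPv4 bits are embedded, so the CE gets a /40.
    print(delegated_prefix("2001:db8::/32", "203.0.113.10", 24))
```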

264     If the 6rd CE is a TCP server such as a WWW server, the TCP MSS
265     (Maximum Segment Size) will be calculated automatically from the
        tunnel MTU.

267  4.4.  Performance

269     6rd is a tunnel technology, therefore the problem of performance is
270     often taken up.  It depends on the server spec, but [Apache Bench]
271     showed similar results with IPv4, IPv6 and 6rd.  In Sakura Internet's
272     server service, interface specifications are shared 100Mbps for VPS
273     servers and 1Gbps for dedicated servers.  The result is enough to
274     provide service to customers.

276  5.  Acknowledgements

278     The authors thank Hiroki Sato and Masakazu Asama, who made the BSD and
279     CentOS patches.

281  6.  IANA Considerations

283     This document has no actions for IANA.

285  7.  Security Considerations

287     This document has no security considerations.

289  8.  References

291  8.1.  Normative References

293     [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
294                Requirement Levels", BCP 14, RFC 2119, March 1997.

296     [RFC5969]  Townsley, W. and O. Troan, "IPv6 Rapid Deployment on IPv4
297                Infrastructures (6rd) -- Protocol Specification",
298                RFC 5969, August 2010.

300  8.2.  Informative References

302     [Apache Bench]
303                ""ab - Apache HTTP server benchmarking tool"",
304                .

306     [BSD patch]
307                ""BSD patch"", .

310     [CentOS]   ""The Community ENTerprise Operating System"",
311                .

313     [CentOS patch1]
314                ""CentOS Kernel patch"", .

317     [CentOS patch2]
318                ""CentOS iproute patch"", .

321     [Debian]   ""Debian -- The Universal Operating System"",
322                .

324     [Fedora]   ""Fedora Project Homepage"", .

326     [FreeBSD]  ""The FreeBSD Project"", .

328     [I-D.ietf-armd-problem-statement]
329                Narten, T., "Problem Statement for ARMD",
330                draft-ietf-armd-problem-statement-00 (work in progress),
331                October 2011.

333     [I-D.ietf-v6ops-v6nd-problems]
334                Kumari, W., "Operational Neighbor Discovery Problems",
335                draft-ietf-v6ops-v6nd-problems-00 (work in progress),
336                October 2011.

338     [Linux 2.6.33]
339                ""sit: 6rd (IPv6 Rapid Deployment) Support."",
340                .

342     [RFC3849]  Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix
343                Reserved for Documentation", RFC 3849, July 2004.

345     [RFC5569]  Despres, R., "IPv6 Rapid Deployment on IPv4
346                Infrastructures (6rd)", RFC 5569, January 2010.

348     [RFC5737]  Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks
349                Reserved for Documentation", RFC 5737, January 2010.

351     [RFC5952]  Kawamura, S. and M. Kawashima, "A Recommendation for IPv6
352                Address Text Representation", RFC 5952, August 2010.

354     [RFC6104]  Chown, T. and S. Venaas, "Rogue IPv6 Router Advertisement
355                Problem Statement", RFC 6104, February 2011.

357     [Ubuntu]   ""Ubuntu Homepage"", .

359  Appendix A.  Additional Stuff

361  A.1.  OS configuration

363  A.1.1.  Network Topology&Parameters

365     This section describes the configuration on each OS, for reference.

367                          .--.
368                        _(.   `)
369                      _(   IPv6  `)_
370                     (   Internet   `)
371                    ( `  .  )        )
372                     `--(_______)---'
373                            |
374                       +----------+
375                       |  6rd BR  |
376                       +----------+
377                            | 203.0.113.1
378                          .--.
379                        _(.   `)
380                      _(   IPv4  `)_
381                     (   Backbone   `)    6rd prefix:2001:db8::/32
382                    ( `  .  )        )
383                     `--(_______)---'
384                            |
385      -------------------------------------------- 203.0.113.0/24
386         |.10     |.11     |.12     |.13     |.14
387      [Ubuntu] [Fedora] [Debian] [CentOS] [FreeBSD]

389                                  Figure 2

391     Common parameters

393     +-----------------+---------------+-------------+
394     | BR IPv4 address | 6rd prefix    | IPv4MaskLen |
395     +-----------------+---------------+-------------+
396     | 203.0.113.1     | 2001:db8::/32 | 0           |
397     +-----------------+---------------+-------------+
398     Individual parameters

400     +-----------+--------------+-------------------------+
401     | OS        | IPv4 address | 6rd delegated prefix    |
402     +-----------+--------------+-------------------------+
403     | [Ubuntu]  | 203.0.113.10 | 2001:db8:cb00:710a::/64 |
404     | [Fedora]  | 203.0.113.11 | 2001:db8:cb00:710b::/64 |
405     | [Debian]  | 203.0.113.12 | 2001:db8:cb00:710c::/64 |
406     | [CentOS]  | 203.0.113.13 | 2001:db8:cb00:710d::/64 |
407     | [FreeBSD] | 203.0.113.14 | 2001:db8:cb00:710e::/64 |
408     +-----------+--------------+-------------------------+

410  A.1.2.  configuration procedure

412  A.1.2.1.  Ubuntu

414     -modify "/etc/network/interfaces"

416        # vi /etc/network/interfaces
417        auto tun6rd
418        iface tun6rd inet6 v4tunnel
419            address 2001:db8:cb00:710a::1
420            netmask 32
421            local 203.0.113.10
422            endpoint any
423            gateway ::203.0.113.1
424            ttl 64
425            up ip tunnel 6rd dev tun6rd 6rd-prefix 2001:db8::/32
426            up ip link set mtu 1280 dev tun6rd

428     -reboot

430  A.1.2.2.  Fedora

432     -make "/etc/sysconfig/network-scripts/ifcfg-sit1"

434        # vi /etc/sysconfig/network-scripts/ifcfg-sit1
435        DEVICE=sit1
436        IPV6INIT=yes
437        IPV6_MTU=1280
438        IPV6_DEFAULTGW=::203.0.113.1
439        IPV6TUNNELIPV4=any
440        IPV6TUNNELIPV4LOCAL=203.0.113.11
441        IPV6ADDR=2001:db8:cb00:710b::1/32

443     -modify "/etc/rc.local"
444        # vi /etc/rc.local
445        ip tunnel 6rd dev sit1 6rd-prefix 2001:db8::/32

447     -reboot

449  A.1.2.3.  Debian

451     The latest version of Debian is 6.0.  Debian 6.0's kernel is 2.6.32,
452     so a kernel upgrade is required.

454     -modify "/etc/apt/sources.list"

456        # vi /etc/apt/sources.list
457        deb http://ftp.jp.debian.org/debian experimental main
458        deb-src http://ftp.jp.debian.org/debian experimental main

460     -upgrade kernel

462        # apt-get update
463        # apt-get -t experimental install linux-image-2.6.38-rc6-amd64

465     -reboot

467     -modify "/etc/network/interfaces"

469        # vi /etc/network/interfaces
470        auto tun6rd
471        iface tun6rd inet6 v4tunnel
472            address 2001:db8:cb00:710c::1
473            netmask 32
474            local 203.0.113.12
475            endpoint any
476            gateway ::203.0.113.1
477            ttl 64
478            up ip tunnel 6rd dev tun6rd 6rd-prefix 2001:db8::/32
479            up ip link set mtu 1280 dev tun6rd

481     -reboot

483  A.1.2.4.  CentOS

485     The latest version of CentOS is 5.5.  CentOS 5.5's kernel and iproute
486     package do not support 6rd, so patches are required.

488     -download package

490        # wget http://enog.jp/~masakazu/6rd/kernel-2.6.18-238.9.1.el5.6rd.x86_64.rpm
491        # wget http://enog.jp/~masakazu/6rd/iproute-2.6.18-11.6rd.x86_64.rpm
492     -install package

494        # rpm -ivh kernel-2.6.18-238.9.1.el5.6rd.x86_64.rpm
495        # rpm -Uvh iproute-2.6.18-11.6rd.x86_64.rpm

497     -modify "/etc/yum.conf"

499        # vi /etc/yum.conf
500        exclude=kernel*,iproute

502     -modify "/etc/sysconfig/network-scripts/ifcfg-sit1"

504        # vi /etc/sysconfig/network-scripts/ifcfg-sit1
505        DEVICE=sit1
506        IPV6INIT=yes
507        IPV6_MTU=1280
508        IPV6_DEFAULTGW=::203.0.113.1
509        IPV6TUNNELIPV4=any
510        IPV6TUNNELIPV4LOCAL=203.0.113.13
511        IPV6ADDR=2001:db8:cb00:710d::1/32

513     -modify "/etc/rc.local"

515        # vi /etc/rc.local
516        ip tunnel 6rd dev sit1 6rd-prefix 2001:db8::/32

518     -reboot

520  A.1.2.5.  FreeBSD

522     FreeBSD does not support 6rd yet, but the patch exists.

524     -download patch

526        # cd /root
527        # fetch http://people.allbsd.org/~hrs/FreeBSD/stf_6rd_20100923-1.diff

529     -apply patch

531        # cd /usr/src
532        # patch -p0 < /root/stf_6rd_20100923-1.diff

534     -kernel module compile and install

536        # cd sys/modules/if_stf/
537        # make
538        # make install

540     -install manual

542        # cd /usr/src/share/man/
543        # make
544        # make install

546     -modify "/etc/rc.conf"

548        # vi /etc/rc.conf
549        ipv6_enable="YES"
550        cloned_interfaces="stf0"
551        ipv6_ifconfig_stf0="2001:db8:cb00:710e::1/32"
552        ipv6_defaultrouter="2001:db8:cb00:7101::1"

554     -reboot

556  A.2.  OS Proportion on Sakura's VPS

558     The proportion of each OS on Sakura's VPS is shown below.

560     All of these OSs can run server-based 6rd.

562     +-------------------+---------------+
563     | Operating Systems | Proportion[%] |
564     +-------------------+---------------+
565     | Ubuntu            | 31            |
566     | Fedora            | 6             |
567     | Debian            | 13            |
568     | CentOS            | 39            |
569     | FreeBSD           | 11            |
570     +-------------------+---------------+

572  Authors' Addresses

574     Shishio Tsuchiya (editor)
575     Cisco Systems
576     Shinjuku Mitsui Building, 2-1-1, Nishi-Shinjuku
577     Shinjuku-Ku, Tokyo  163-0409
578     Japan

580     Phone: +81 3 6434 6543
581     Email: shtsuchi@cisco.com
582     Mark Townsley
583     Cisco Systems
584     L'Atlantis, 11, Rue Camille Desmoulins ISSY LES MOULINEAUX
585     ILE DE FRANCE  92782
586     FRANCE

588     Phone: +33 15 804 3483
589     Email: mark@townsley.net

591     Shuichi Ohkubo
592     Sakura Internet
593     33F Sumitomo fudosan Nishi shinjuku Bldg.,7-20-1 Nishi shinjuku
594     Shinjuku-Ku, Tokyo  160-0023
595     Japan

597     Phone: +81 3 5332 7070
598     Email: ohkubo@sakura.ad.jp